Page MenuHomePhabricator
Differential D6783

Fix out-of-bounds index in Avalanche PeerManager
AbandonedPublic
Actions

Authored by jasonbcox on Jun 30 2020, 03:35.

Details

Reviewers
deadalnix
Group Reviewers
Restricted Project
Summary

Found by the ASAN build: https://build.bitcoinabc.org/viewLog.html?buildId=89231&buildTypeId=BitcoinABC_Master_BitcoinAbcMasterAsan&tab=buildLog&_focus=2223

Test Plan

build-configurations.py build-asan

Diff Detail

Event Timeline

jasonbcox created this revision.Jun 30 2020, 03:35
Herald added a reviewer: Restricted Project. · View Herald TranscriptJun 30 2020, 03:35
jasonbcox requested review of this revision.Jun 30 2020, 03:35
Harbormaster completed remote builds in B11790: Diff 21888.Jun 30 2020, 04:15
Fabien added a subscriber: Fabien.Jun 30 2020, 08:07
Fabien added inline comments.
src/avalanche/peermanager.cpp
82

slots.size() could be end here, and you could simply return NO_PEER instead of a break. In the end the result is the same: after the break you will exit the while loop, jump over the for loop (because end - begin is necessarily <= 0) and return NO_PEER anyway.

deadalnix requested changes to this revision.Jun 30 2020, 13:29
deadalnix added a subscriber: deadalnix.
deadalnix added inline comments.
src/avalanche/peermanager.cpp
72

Adding an assert that i is in the right range is a good idea here.

82

Indeed, this has nothing to do with size and everything to do with the need to early bail.

This revision now requires changes to proceed.Jun 30 2020, 13:29
jasonbcox abandoned this revision.Jul 1 2020, 21:21

Revision Contents
Changeset List

PathSize
src/
avalanche/
9 lines

Diff 21888

View Options

src/avalanche/peermanager.cpp

Loading...